Having looked into this in more detial, the problem seems to be caused by the other version of easy rsa calling set_client_cert[1].
This then updates a dictionary `to_publish_raw` which is picked up by get_client_cert (deprecated) [2].
This is fine, but recent versions of layer-tls-client use a client_cert_maps to provide certificates on a per host basis. This method does not pick up `to_publish_raw`[3, 4].
I am proposing a fix where layer-tls-client checks for per-server certs, and falls back to global certs after failing to find per server certs.
Having looked into this in more detial, the problem seems to be caused by the other version of easy rsa calling set_client_cert[1].
This then updates a dictionary `to_publish_raw` which is picked up by get_client_cert (deprecated) [2].
This is fine, but recent versions of layer-tls-client use a client_cert_maps to provide certificates on a per host basis. This method does not pick up `to_publish_raw`[3, 4].
I am proposing a fix where layer-tls-client checks for per-server certs, and falls back to global certs after failing to find per server certs.
[1] But othe old method updates to_publish_raw: /github. com/charmed- kubernetes/ interface- tls-certificate s/blob/ 2fc3f1ee969bad4 431b18428993776 e82e122309/ provides. py#L80 /github. com/charmed- kubernetes/ interface- tls-certificate s/blame/ 2fc3f1ee969bad4 431b18428993776 e82e122309/ requires. py#L164 /github. com/charmed- kubernetes/ interface- tls-certificate s/blame/ 2fc3f1ee969bad4 431b18428993776 e82e122309/ requires. py#L244 /github. com/charmed- kubernetes/ interface- tls-certificate s/blame/ 2fc3f1ee969bad4 431b18428993776 e82e122309/ requires. py#L89
https:/
[2] https:/
[3] https:/
[4] https:/